Privacy Policy

1. Who we are

Deska ("Deska", "we", "us") provides desk booking software for hybrid offices, accessible at deska.me. This policy describes how we handle personal data collected through the Deska service.

2. Data we collect

• Account data: email address, name, and password (hashed) when you register.
• Workspace data: company name, office layouts, desk assignments, and booking records you create inside Deska.
• Usage data: pages visited, features used, and error logs — used to improve the service.
• Payment data: billing is handled by Stripe. We store only Stripe customer and subscription IDs; we never see your full card number.

3. How we use your data

• To provide and operate the Deska service.
• To send transactional emails (booking confirmations, password resets, billing receipts).
• To detect and prevent abuse, fraud, or security incidents.
• To comply with legal obligations.

We do not sell your data to third parties.

4. Data storage and security

Data is stored on Supabase (PostgreSQL), hosted in the EU. Workspace data is isolated per organisation using row-level security. Data in transit is encrypted via TLS.

5. Data retention

We retain your data for as long as your account is active. If you close your account, workspace data is marked for deletion and purged within 30 days. You can request earlier deletion by contacting us.

6. Your rights

Depending on your location you may have the right to access, correct, export, or delete your personal data. To exercise these rights, email privacy@deska.me.

7. Cookies

Deska uses only essential session cookies required for authentication. We do not use advertising or tracking cookies.

8. Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email or via an in-app notice. Continued use of Deska after changes take effect constitutes acceptance.

9. Contact

Questions about this policy? privacy@deska.me